The New Identity Theft: Invasion of the Body Snatchers


We’ve all been told to keep close tabs on our bank statements and cut up old credit cards to avoid identity fraud. But medical identity theft can cost you more than money, it can cost you your life. If someone assumes your identity –usually by tapping into your health insurance- to fill prescriptions, visit doctors or undergo procedures, you end up with the bill. If the criminal seeks enough care, your benefits can be completely exhausted, resulting in losing your coverage or making you ineligible for life insurance. Even more fatalistic, it can permanently alter your medical history prompting a doctor to issue the wrong care in an emergency situation.

The Federal Trade Commission estimates that 3% of all identity theft cases are medical fraud. That’s 250,000 medical identity theft cases each year, amounting to what the National Health Care Anti-Fraud Association estimates at $51 billion dollar loss annually. “Think about it in terms of desperate people taking desperate measures,” says Mitic. “It’s not for quick money. In medical identity theft these people are in a very desperate situations.”

According to the National Coalition on Health Care, nearly 47 million Americans currently lack health insurance. That’s a lot of people with a potential incentive to assume your medical identity. “Someone starts to impersonate you over time,” says Scott Mitic, CEO of Trusted ID, an identity theft protection service. “And finally the person gets open heart surgery and guess where the bill goes? Straight to you.”

Because health care providers are transitioning to electronic patient files, it might become even harder to recover from medical identity theft. “Electronic medical records are insecure by their very nature. Very private data on hundreds of thousands of individuals can sit in a tiny computer and be carried anywhere by car, train, plane, boat or on foot,” says Twila Brase, president of the Citizen’s Council on Health Care, a non-profit based in Minnesota. “And with one click of a mouse, that data can be sent to China or Africa or Timbuktu. And once it's gone, it's gone. There's no retrieving it.”

Even without your personal data being broadcast across the world with the mere keystroke, medical identity theft can be pulled off in your own backyard. “It’s a growing fraud, and not hard to commit if a person doesn’t have a personal relationship with his doctor or the receptionist,” says Mitic. It only takes your name, address and insurance policy number – no social security number needed – for someone to start tapping into your medical benefits. “A doctor only requests your social security number because in case you die they have to put it on the death certificate,” says Jay Foley, executive director of the Identity Theft Resource Center, a non-profit organization based in San Diego, Calif. A person can “decline to use it and say ask my wife after I die,” and many doctors will not require it.

Ask your insurance company to send you a list of all of the medical benefits that have been paid in your name in the last year. Don’t wait until the insurance company contacts you due to suspicious activity. The Health Insurance Portability and Accountability Act (HIPAA) guarantees you the right to access and get copies of all of your health records and be notified when and why your information is shared. If anything is wrong on your records, you have a 90 day window to respond. You can also prohibit your medical information from being shared for certain purposes, like marketing, without your permission.

Put up as many road blocks as you can to prevent access to your private information. “Shredding anything with account numbers is a good idea, get a locking mail box and read statements carefully,” suggests Gail Hillebrand, senior staff attorney at the Consumers Union. “Do your homework to make sure it doesn’t happen in the first place.”

Show Comments

Back to Top